Coming Soon & Maintenance < 4.1.7 - Unauthenticated Post/Page Access

The plugin does not restrict access to published and non protected posts/pages when the maintenance mode is enabled, allowing unauthenticated users to access them. id: CVE-2023-1263 info: name: Coming Soon & Maintenance 4.1.7 - Unauthenticated Post/Page Access author: r3Y3r53 severity: medium...

CVE-2026-6518

The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPress is vulnerable to arbitrary file upload and remote code execution in all versions up to, and including, 4.1.16 via the cmpthemeupdateinstall AJAX action. This is due to the function only checking for the publishpages...

WordPress CMP - Coming Soon & Maintenance Plugin by NiteoThemes plugin <= 4.1.16 - Missing Authorization to Authenticated (Administrator+) Arbitrary File Upload and Remote Code Execution vulnerability

WordPress CMP - Coming Soon & Maintenance Plugin by NiteoThemes plugin = 4.1.16 - Missing Authorization to Authenticated Administrator+ Arbitrary File Upload and Remote Code Execution vulnerability discovered by ll in WordPress Plugin CMP – Coming Soon & Maintenance versions = 4.1.16...

WordPress plugin CMP – Coming Soon & Maintenance Plugin by NiteoThemes 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2023-50374

Server-Side Request Forgery SSRF vulnerability in NiteoThemes CMP – Coming Soon & Maintenance.This issue affects CMP – Coming Soon & Maintenance: from n/a through 4.1.10...

EUVD-2023-55175

Malicious code in bioql PyPI...

EUVD-2025-9258

Malicious code in bioql PyPI...

EUVD-2025-9890

Malicious code in bioql PyPI...

CVE-2025-32118

Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP – Coming Soon & Maintenance cmp-coming-soon-maintenance allows Using Malicious Files.This issue affects CMP – Coming Soon & Maintenance: from n/a through = 4.1.14...

CVE-2025-32118

Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP – Coming Soon & Maintenance cmp-coming-soon-maintenance allows Using Malicious Files.This issue affects CMP – Coming Soon & Maintenance: from n/a through = 4.1.14...

CVE-2025-31769

Cross-Site Request Forgery CSRF vulnerability in NiteoThemes CLP – Custom Login Page by NiteoThemes clp-custom-login-page allows Cross Site Request Forgery.This issue affects CLP – Custom Login Page by NiteoThemes: from n/a through = 1.5.5...

WordPress CLP – Custom Login Page by NiteoThemes plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin CLP – Custom Login Page by NiteoThemes versions = 1.5.5...

CVE-2025-31769

Cross-Site Request Forgery CSRF vulnerability in NiteoThemes CLP – Custom Login Page by NiteoThemes clp-custom-login-page allows Cross Site Request Forgery.This issue affects CLP – Custom Login Page by NiteoThemes: from n/a through = 1.5.5...

CVE-2025-31769

CVE-2025-31769 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin “CLP – Custom Login Page by NiteoThemes”, affecting versions from n/a through 1.5.5. The issue stems from CSRF in the plugin (root cause details not explicitly provided in the documents). Impact is ...

CVE-2025-31769 WordPress CLP – Custom Login Page by NiteoThemes plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in NiteoThemes CLP – Custom Login Page by NiteoThemes clp-custom-login-page allows Cross Site Request Forgery.This issue affects CLP – Custom Login Page by NiteoThemes: from n/a through = 1.5.5...

CVE-2025-31769 WordPress CLP – Custom Login Page by NiteoThemes plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in NiteoThemes CLP – Custom Login Page by NiteoThemes clp-custom-login-page allows Cross Site Request Forgery.This issue affects CLP – Custom Login Page by NiteoThemes: from n/a through = 1.5.5...

WordPress plugin CLP – Custom Login Page by NiteoThemes 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin CLP - Custom Login Page by...

PT-2025-14155 · Niteothemes · Clp – Custom Login Page

Name of the Vulnerable Software and Affected Versions: CLP – Custom Login Page by NiteoThemes versions 1.5.5 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows Cross Site Request Forgery. This means an attacker can trick a user into performing...

CMP – Coming Soon & Maintenance < 4.1.11 - Authenticated (Admin+) Server-Side Request Forgery

Description The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.10. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests...

CVE-2023-50374

Server-Side Request Forgery SSRF vulnerability in NiteoThemes CMP – Coming Soon & Maintenance.This issue affects CMP – Coming Soon & Maintenance: from n/a through 4.1.10...